Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e1a270dc by Salvatore Bonaccorso at 2022-09-21T12:04:59+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -13098,7 +13098,7 @@ CVE-2022-36077
CVE-2022-36076 (NodeBB Forum Software is powered by Node.js and supports
either Redis, ...)
NOT-FOR-US: NodeBB
CVE-2022-36075 (Nextcloud files access control is a nextcloud app to manage
access con ...)
- TODO: check
+ NOT-FOR-US: Nextcloud files access control App
CVE-2022-36074 (Nextcloud server is an open source personal cloud product.
Affected ve ...)
- nextcloud-server <itp> (bug #941708)
CVE-2022-36073 (RubyGems.org is the Ruby community gem host. A bug in password
& e ...)
@@ -13446,7 +13446,7 @@ CVE-2022-35916 (OpenZeppelin Contracts is a library for
secure smart contract de
CVE-2022-35915 (OpenZeppelin Contracts is a library for secure smart contract
developm ...)
NOT-FOR-US: OpenZeppelin
CVE-2022-35914 (/vendor/htmlawed/htmlawed/htmLawedTest.php in the htmlawed
module for ...)
- TODO: check
+ NOT-FOR-US: htmlawed module for GLPI
CVE-2022-35913 (Samourai Wallet Stonewallx2 0.99.98e allows a denial of
service via a ...)
NOT-FOR-US: Samourai Wallet Stonewallx2
CVE-2022-35912 (In grails-databinding in Grails before 3.3.15, 4.x before
4.1.1, 5.x b ...)
@@ -13975,27 +13975,27 @@ CVE-2022-35711
CVE-2022-35710
RESERVED
CVE-2022-35709 (Adobe Bridge version 12.0.2 (and earlier) and 11.1.3 (and
earlier) are ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-35708 (Adobe Bridge version 12.0.2 (and earlier) and 11.1.3 (and
earlier) are ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-35707 (Adobe Bridge version 12.0.2 (and earlier) and 11.1.3 (and
earlier) are ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-35706 (Adobe Bridge version 12.0.2 (and earlier) and 11.1.3 (and
earlier) are ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-35705 (Adobe Bridge version 12.0.2 (and earlier) and 11.1.3 (and
earlier) are ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-35704 (Adobe Bridge version 12.0.2 (and earlier) and 11.1.3 (and
earlier) are ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-35703 (Adobe Bridge version 12.0.2 (and earlier) and 11.1.3 (and
earlier) are ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-35702 (Adobe Bridge version 12.0.2 (and earlier) and 11.1.3 (and
earlier) are ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-35701 (Adobe Bridge version 12.0.2 (and earlier) and 11.1.3 (and
earlier) are ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-35700 (Adobe Bridge version 12.0.2 (and earlier) and 11.1.3 (and
earlier) are ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-35699 (Adobe Bridge version 12.0.2 (and earlier) and 11.1.3 (and
earlier) are ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-35698
RESERVED
CVE-2022-35697 (Adobe Experience Manager Core Components version 2.20.6 (and
earlier) ...)
@@ -14771,7 +14771,7 @@ CVE-2022-2362 (The Download Manager WordPress plugin
before 3.2.50 prioritizes g
CVE-2022-2361 (The WP Social Chat WordPress plugin before 6.0.5 does not
sanitise and ...)
NOT-FOR-US: WordPress plugin
CVE-2022-35413 (WAPPLES through 6.0 has a hardcoded systemi account accessible
via db/ ...)
- TODO: check
+ NOT-FOR-US: Penta Security Systems Inc WAPPLES
CVE-2022-35412 (Digital Guardian Agent 7.7.4.0042 allows an administrator (who
ordinar ...)
NOT-FOR-US: Digital Guardian Agent
CVE-2022-2360
@@ -15138,7 +15138,7 @@ CVE-2022-2335 (A crafted HTTP packet with a -1
content-length header can create
CVE-2022-2334 (The application searches for a library dll that is not found.
If an at ...)
NOT-FOR-US: Softing Industrial Automation
CVE-2022-2333 (If an attacker manages to trick a valid user into loading a
malicious ...)
- TODO: check
+ NOT-FOR-US: Honeywell
CVE-2022-2332 (A local unprivileged attacker may escalate to administrator
privileges ...)
NOT-FOR-US: Honeywell
CVE-2022-35271
@@ -15359,13 +15359,13 @@ CVE-2022-35198 (Contract Management System v2.0
contains a weak default password
CVE-2022-35197
RESERVED
CVE-2022-35196 (TestLink v1.9.20 was discovered to contain a Cross-Site
Request Forger ...)
- TODO: check
+ NOT-FOR-US: TestLink
CVE-2022-35195 (TestLink 1.9.20 Raijin was discovered to contain a broken
access contr ...)
- TODO: check
+ NOT-FOR-US: TestLink
CVE-2022-35194 (TestLink v1.9.20 was discovered to contain a stored cross-site
scripti ...)
- TODO: check
+ NOT-FOR-US: TestLink
CVE-2022-35193 (TestLink v1.9.20 was discovered to contain a SQL injection
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: TestLink
CVE-2022-35192 (D-Link Wireless AC1200 Dual Band VDSL ADSL Modem Router
DSL-3782 Firmw ...)
NOT-FOR-US: D-Link
CVE-2022-35191 (D-Link Wireless AC1200 Dual Band VDSL ADSL Modem Router
DSL-3782 Firmw ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e1a270dc75fb4ae9394fda54055df51812badde8
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e1a270dc75fb4ae9394fda54055df51812badde8
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
